CVE-2025-69061
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-29
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ancorathemes | moveme | to 1.2.15 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-69061 is a Local File Inclusion (LFI) vulnerability in the WordPress MoveMe Theme (versions up to 1.2.15). It allows an unauthenticated attacker to include and display local files from the target website, potentially exposing sensitive information such as database credentials. This occurs due to improper control of filenames in PHP include/require statements. [1]
How can this vulnerability impact me? :
This vulnerability can lead to exposure of sensitive information like database credentials. Depending on the website's configuration, exploitation could result in a complete database takeover, compromising the security and integrity of the affected website. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can involve monitoring web server logs for suspicious requests attempting to include local files, such as requests containing file path traversal patterns (e.g., '../'). Specific commands are not provided in the resources, but common approaches include using tools like grep to search access logs for suspicious parameters or payloads targeting the MoveMe theme. For example, commands like `grep -i 'include' /var/log/apache2/access.log` or scanning for known LFI payload patterns could help identify exploitation attempts. Additionally, applying the mitigation rule from Patchstack can help block attack attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the mitigation rule issued by Patchstack to block attacks exploiting this vulnerability until an official patch is released. Since no official fix is available as of the publication date, using this mitigation rule is critical to protect affected websites running MoveMe theme versions up to 1.2.15. Additionally, monitoring and restricting access to sensitive files and ensuring proper web server configurations can help reduce risk. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthorized access to sensitive information such as database credentials, which could lead to data breaches. Such breaches may result in non-compliance with data protection regulations like GDPR and HIPAA, as these standards require safeguarding sensitive data against unauthorized access. Therefore, exploitation of this vulnerability could negatively impact compliance with these common standards and regulations. [1]